package com.hz.admin.action;

import java.util.List;

import javax.servlet.http.HttpSession;

import com.hz.admin.util.SessionUserInfo;
import com.hz.framework.MyAction.BaseAction;
import com.hz.framework.dao.CommonSel;
import com.hz.framework.util.MD5Encoder;
import com.hz.framework.util.SqlParameter;
import com.hz.supermanage.bean.GramaBean;
import com.hz.supermanage.bean.Hzsyspersonnel;


public class LoginAction extends BaseAction {

	Hzsyspersonnel user = new Hzsyspersonnel();
	CommonSel<Hzsyspersonnel> dao = new CommonSel<Hzsyspersonnel>();
	
	public String login() throws Exception {
		System.out.println("系统登录");
		// TODO Auto-generated method stub 
		return SUCCESS;
	}
	/***
	 * @author 金雪冰
	 * @time 2010-10-20	
	 * @throws Exception 
	 * 方法功能: 处理登录
	 */
	public void doLogin() throws Exception {
		try{
			String hql = "from Hzsyspersonnel where loginid = ?";
			SqlParameter sqlParams = new SqlParameter();
			sqlParams.add(user.getLoginid());
			Hzsyspersonnel item = dao.selHqlObjByPS(hql, sqlParams);
			//String password=MD5Encoder.encode(user.getPassword());
			String password = user.getPassword();
			if (item == null) {
				this.output("用户不存在！");
			} else if (!item.getPassword().equals(password)) {
				this.output("用户或密码不正确！");
			} else if ("0".equals(item.getRoleid()) || "".equals(item.getRoleid()) || null == item.getRoleid()) {
				this.output("您没有权限登录！");
			} else {
				HttpSession session = request.getSession(true);
				//固化用户所具有的权限对象
				List list = dao.selHqlList("from HzsysPrograma where proid in ("+item.getGramaid().substring(1,item.getGramaid().lastIndexOf(","))+")");
				session.setAttribute("programaP", GramaBean.initGrama(list));
				session.setAttribute("programa", list);
				
				session.setAttribute("userid", item.getPersonid());//其他模块需要的人员标识
				session.setAttribute("admin_user", item);
				session.setAttribute("CurrentUser",new SessionUserInfo(item,request));
				//存入当前登录用户的系统信息 
				this.output("success");
			}
		}catch (Exception e) {
			e.printStackTrace();
			this.output("系统出错，请联系管理员！");
		}
	}

	/**
	 * @author 金雪冰
	 * @time 2010-10-20	
	 * @return
	 * @throws Exception 
	 * 方法功能: 注销登录
	 */
	public String logout() throws Exception {
		HttpSession session = request.getSession(false);
		if (session != null) {
			session.removeAttribute("admin_user");
		}
		return SUCCESS;
	}

	public Hzsyspersonnel getUser() {
		return user;
	}

	public void setUser(Hzsyspersonnel user) {
		this.user = user;
	}

}